What:
The SANS Institute, the world's most trusted and largest source for information security training, will host a two-day workshop for security managers intended to share expert advice and critical strategies to ensure that security is designed and engineered into the applications and systems being built and bought by groups throughout the enterprise. The workshop agenda will dissect the art and science of baking security into applications and networks, offering security managers effective strategies they can bring to their IT architecture and development teams immediately to create effect coverage and partnerships.

Who:Brian Fox, Vice President of Engineering at Sonatype, will present "Critical Strategies to Manage Risk and Maximize Business Value of Open-Source Components in Application Development." The session will examine the pervasiveness of open-source component usage in corporate IT portfolios and how organizations have the limited ability to govern the selection, management and distribution of open-source component usage in application development. This lack of visibility and control over open-source component usage can leave organizations exposed to unforeseen technical and compliance risks, including significant threats to software security, quality, performance, stability and intellectual property.

Any organization that has ever used open-source components when building mission-critical applications will benefit from this session. Attendees will be provided with a first-hand look at how open-source components, and their dependencies, may expose organizations to unforeseen security vulnerabilities; how to accurately capture and profile open-source component usage across the enterprise; and how to ensure only the highest quality components are used during every stage of development.

About Sonatype Inc.Sonatype is transforming software development with tools, information and services that enable organizations to build better software, faster, using open-source components. With Sonatype Insight, organizations gain unprecedented levels of visibility and control over open-source component usage without disrupting their software development process. The company's professional-grade Java development tools are trusted by leading development organizations and software vendors to enhance the most widely used open source development-infrastructure products with added technical support from Sonatype's team of experts. Sonatype supports the open-source community as an innovator and key contributor to projects such as Nexus, Apache Maven, m2eclipse, Hudson, p2 and Tycho and as the steward of the Central Repository -- the industry's primary source for open-source components, housing more than 300,000 software components, serving four billion requests per year. Sonatype is privately held with investments from Accel Partners, Bay Partners, Hummer Winblad Venture Partners and Morgenthaler Ventures. Visit: www.sonatype.com.